Millions of Swedish patient records left exposed in months

Wednesday, 30 October 2013
Security vulnerabilities in a server meant that within a period of
eight months, three million patient records in Sweden were left
completely unprotected. And there are traces of intrusions in the
computer systems which mean the records might have been compromised.

The Swedish daily, Dagens Nyheter reports that data and information
recording system used by hospitals and health centres in Stockholm and
Gotland, was hit in the summer by multiple failures and security
bridges.

When troubleshooting, it was discovered that the server with patient
records were connected to the Internet in a manner that it easier for
data protect not to work well. In addition, central server firewalls
were missing, the paper reports.
During the eight months there was security breach, which made it
possible for outsiders to get into the IT system, which the records of
some three million patients are stored. Investigation also revealed
traces of intrusions, according to the sources.

“We have the situation under control and no one believe that any
information deemed sensitive in nature may have been compromised,” says
Anders Nystrom, Assistant Manager at the Stockholm County
Council, and responsible for IT security to the paper.

When the defect was discovered in June three independent firms were
hired to investigate the incident. According to Anders Nyström records
were never exposed to the internet. The investigation showed that other
security systems had backed up the wrecked system.

Sweden supposed to be a leader in IT related production and boast of
companies that has companies that produce and manage advance
information and infrastructure systems. If patient records are
valuable, the question remains as to why prpper care is not taken to
protect them.
By Scancomark.com Team